how to construct ldap entry when user status is changed

2010-04-21 Thread owen nirvana
I have some user information ( with certificate ) ,like cn = bob, dc= one, dc = two ,dc = org sn: .. userCertificate;binary::... .. : ... someday , if he would be revoked, should i move it to another entry ( replace a new dn ), like cn = bob, dc = crl ,dc = two ,dc = org or maybe I use the same

LDAP_SERVER_DOWN in win32?

2010-05-07 Thread owen nirvana
I try to use openldap in windows xp. There are some implementations of openldap-win32-2.4.x. I have used every one of them, and openldap for linux in debian. The same problem is I can't connect to them unless the server is on localhost if my client runs at win32, even I try to build my client in openldap

how to get DIT structure info

2010-06-04 Thread owen nirvana
hi, I have a question. I want to manage some data by OpenLDAP, and I hope show them by tree structure when I list. So I want to get the DIT structure info and create the corresponding nodes in my treeview. so , how to do? gtalk:freeespe...@gmail.com

could not config n-way multi-master because insufficient access

2010-06-06 Thread owen nirvana
my env is Debian squeeze, OpenLDAP 2.4.17 (from packages.debian.org). I create an OpenLDAP Server, and try to config N-Way multi-master, according to OpenLDAP Admin Guide. I am adding init.ldif file on the server, the following is the content *dn: cn=config objectClass: olcGlobal cn: config olcServ

Re: could not config n-way multi-master because insufficient access

2010-06-08 Thread owen nirvana
gtalk:freeespe...@gmail.com On Mon, Jun 7, 2010 at 6:09 PM, Buchan Milne wrote: > On Monday, 7 June 2010 07:10:00 owen nirvana wrote: > > my env is Debian squeeze, OpenLDAP 2.4.17( from packages.debian.org) > > I create an OpenLDAP Server, and try to config N-Way multi-master,

fails to start ldaps://

2010-06-30 Thread owen nirvana
it's openldap-2.4.17 in debian testing I try to config slapd.conf to use ldap ssl. TLSCACertificateFile cacert.pem TLSCertificateFile ldapclient.pem TLSCertificateKeyFile ldapclientkey.pem TLSVerifyClient never I could not start slapd after I config TLS in slapd.conf, error info is "Main: TLS ini

how to run a LDAP as TLS Server and TLS Client contemporary

2010-07-01 Thread owen nirvana
It seems tls server and client configuration could not work at the same time. In Windows, should I rename .ldaprc to ldaprc? gtalk:freeespe...@gmail.com

how to run LDAP Server with TLS automatic

2010-07-01 Thread owen nirvana
It seems pem pass phrase is needed every time, so I could not make it run automatically gtalk:freeespe...@gmail.com

why LDAP and LDAPS was opened contemporary

2010-07-01 Thread owen nirvana
I set tls options to use ldaps. question 1: port 389 is opened yet when I scan the LDAP Server by nmap, but I could not connect it with Apache Directory Studio v1.5.3. question 2: Nmap tells me "server still supports SSLv2", but I set TLSCipherSuite is HIGH:MEDIUM:-SSLv2 question 3: I try to im

Re: why LDAP and LDAPS was opened contemporary

2010-07-01 Thread owen nirvana
: > > On 02/07/2010, at 12:49 PM, owen nirvana wrote: > > > I set tls options to use ldaps. > > When using TLS you dont need LDAPS, you want to set your systems to > ldap://ldap.server > > > > > question 1: > > port 389 is opened yet when I scan the

Re: why LDAP and LDAPS was opened contemporary

2010-07-01 Thread owen nirvana
create a new certificate and key , CN = Administrator, no more verify failed, but " ldap_start_tls : Can't Contact LDAP Server(-1)" is reported yet, no additional info gtalk:freeespe...@gmail.com On Fri, Jul 2, 2010 at 12:47 PM, owen nirvana wrote: > thanks > > ab

Re: why LDAP and LDAPS was opened contemporary

2010-07-01 Thread owen nirvana
> On 02/07/2010, at 2:51 PM, owen nirvana wrote: > > > create a new certificate and key , CN = Administrator, no more verify > > failed, but > > > > " ldap_start_tls : Can't Contact LDAP Server(-1)" is reported yet, no > > additional info >

Re: why LDAP and LDAPS was opened contemporary

2010-07-02 Thread owen nirvana
; to the server using ldap://ldap.domain.com. It is the cause of most TLS >> issues. >> >> On 02/07/2010, at 2:51 PM, owen nirvana wrote: >> >> > create a new certificate and key , CN = Administrator, no more verify >> > failed, but >> > >

where should I place ldap.conf in win32

2010-07-02 Thread owen nirvana
ldap for windows has no ldap.conf after installation. I write client TLS configuration in it. It seems to not work if I put it to OPEN_LDAP_DIR . gtalk:freeespe...@gmail.com

users in openLDAP

2010-07-04 Thread owen nirvana
in slapd.conf, rootdn is described as a root user with unlimited privilege, so other users are recommended to use after slapd.conf was finished. But other users like "cn=replicator" has no corresponding configuration item, should I write user item into bdb. gtalk:freeespe...@gmail.com

about LDIF operation by API

2010-08-04 Thread owen nirvana
It seems nothing is provided for operating LDIF. How to implement ldif export and import with C/C++ in OpenLDAP. gtalk:freeespe...@gmail.com

how to implement replication from son CA to superior CA

2010-08-10 Thread owen nirvana
syncrepl could copy data between master and slave. However, it happened the two same LDAP server. So I need replicate data to superior CA, like the following: superior CA : dc= ACA,dc=RootCA (ip is 192.168.0.137) son CA: dc=BCA,dc=ACA,dc=RootCA (ip is 192.168.0.138) In superior CA , slapd.conf

replication from child to Parent domain

2010-08-13 Thread owen nirvana
How to config slapd.conf to replicate between the parent domain(dc=parentCA) and the child(dc=sonCA,dc=parentCA) domain. gtalk:freeespe...@gmail.com

Re: replication from child to Parent domain

2010-08-13 Thread owen nirvana
nt to replicate the content of what you call the > parent domain(dc=parentCA) on one server to the child domain on a different > server? > > Regards, > Torsten > > On Fri, 13 Aug 2010 17:11:10 +0800, owen nirvana > wrote: > > How to config sla

Re: replication from child to Parent domain

2010-08-16 Thread owen nirvana
es have not the same DIT. Maybe syncrepl could not support it. gtalk:freeespe...@gmail.com On Mon, Aug 16, 2010 at 5:14 PM, Marc Patermann < hans.mo...@ofd-z.niedersachsen.de> wrote: > Owen, > > owen nirvana schrieb am 13.08.2010 20:02 Uhr: > > I means how to config re

Re: replication from child to Parent domain

2010-08-17 Thread owen nirvana
1 descriptor connection_close: deferring conn=1001 sd=4 daemon: waked daemon: WSselect: listen=2 active_threads=0 tvp=zero conn=1001 op=2 do_unbind daemon: WSselect: listen=3 active_threads=0 tvp=zero connection_resched: attempting closing conn=1001 sd=4 connection_close: conn=1001 sd=4 daemon

how to analysis openldap log

2010-12-14 Thread owen nirvana
I could not find apis for analyzing log. Thanks for help! gtalk:freeespe...@gmail.com

Re: Re: how to analysis openldap log

2010-12-16 Thread owen nirvana
> > I could not find apis for analyzing log. > > > > Thanks for help! > What kind of log are you referring to? > syslog, log database or monitor database? log database, the files like log.00x in /var/ldap/ gtalk:freeespe...@gmail.com

could not work in C++?

2011-04-04 Thread owen nirvana
I try to access ldap data in C++, and write a small example which opens and closes ldap, compiled by g++. The error is the following: error: 'ldap_init' was not declared in this scope error: 'ldap_simple_bind_s' was not declared in this scope error: 'ldap_unbind' was not declared in this scope I have

Re: could not work in C++?

2011-04-04 Thread owen nirvana
thanks, I have to use these deprecated interfaces because I use cldap in win32. gtalk:freeespe...@gmail.com On Mon, Apr 4, 2011 at 5:31 PM, Hallvard B Furuseth < h.b.furus...@usit.uio.no> wrote: > owen nirvana writes: > > error is the following: > > error: 'ldap_init'

how to use ldap_parse_sortresponse_control

2011-04-13 Thread owen nirvana
I am confused by the use of ldap_parse_sortresponse_control because there is no example and document about it. Although it seems like ldap_parse_sort_control of Novell CLDAP and Mozilla C LDAP, it is wrong if using it in their way. The following is my code: ... LDAPControl *sortctrl = NULL;